Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
31	2021-09-20 20:36	1ade2bf9e1a716a8135883046afa00... 1734f4013eebe0f6390d89a202af8942 Gen2 MSOffice File VirusTotal Malware				0.8		24	guest

32	2021-09-20 21:04	1ade2bf9e1a716a8135883046afa00... 1734f4013eebe0f6390d89a202af8942 Gen2 MSOffice File VirusTotal Malware				0.8		24	guest

33	2021-09-29 10:55	DOC INVOICE EXPORTO52052 IMG00... 90d330f59db7ec33723b37a5d6c6457d Generic Malware Antivirus DNS AntiDebug AntiVM PE File .NET EXE PE32 Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS Cryptographic key DDNS		4	1	16.4			ZeroCERT

34	2021-09-29 11:03	PURCHASE ORDER EXPORTO52022 IM... b5697d67ea7945e6944061d076eeecc3 Generic Malware Antivirus DNS AntiDebug AntiVM PE File .NET EXE PE32 Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS Cryptographic key DDNS		2	1	13.6			ZeroCERT

35	2021-09-29 11:03	PROFORMA INVOICE EXPORTO52022 ... 65691a95adce3b875c496e077d5f7aa5 Generic Malware Antivirus DNS AntiDebug AntiVM PE File .NET EXE PE32 powershell Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW human activity check Windows ComputerName DNS Cryptographic key DDNS		4	1	15.4			ZeroCERT

36	2021-09-29 11:08	PURCHASE ORDER EXPORTO52022 IM... b5697d67ea7945e6944061d076eeecc3 Generic Malware Antivirus DNS AntiDebug AntiVM PE File .NET EXE PE32 powershell Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW human activity check Windows ComputerName DNS Cryptographic key DDNS		2	1	15.2			ZeroCERT

37	2021-10-04 17:58	NEW ORDER EXPO_51052 IMG002398... 2f0f161e125227509d9c0dbd5cef40b3 Generic Malware Antivirus DNS AntiDebug AntiVM PE File .NET EXE PE32 powershell Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW human activity check Windows ComputerName DNS Cryptographic key DDNS		4	1	15.4			ZeroCERT

38	2021-10-04 19:19	SWIFT COPY EXPORTO51052 IMG002... 2f0f161e125227509d9c0dbd5cef40b3 Generic Malware Antivirus DNS AntiDebug AntiVM PE File .NET EXE PE32 Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS Cryptographic key DDNS		4	1	14.8			ZeroCERT

39	2021-10-04 20:22	scan Invoice - SAS_70467.PDF.e... 508c7474ce38c3ecc5b396a3f1310c96 NSIS Malicious Library PE File PE32 DLL Malware download Nanocore Malware c&c Buffer PE suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW human activity check Windows ComputerName DNS DDNS		4	3	12.0			ZeroCERT

40	2021-10-04 20:24	scan Invoice - SAS_70467.PDF.e... 508c7474ce38c3ecc5b396a3f1310c96 NSIS Malicious Library PE File PE32 DLL Malware download Nanocore VirusTotal Malware c&c Buffer PE suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW human activity check Windows ComputerName DNS DDNS		4	3	13.4		28	ZeroCERT

41	2021-10-12 09:32	PO-08YGK.pdf 4bcd422bbc3db021a18e1298bf1577d7 PDF unpack itself Windows utilities Windows				1.4			ZeroCERT

42	2021-10-14 17:33	SI-3023-9552783693PDF.jar 2922d30afb359edde8083596e20601dc Generic Malware Malicious Packer Malicious Library MSOffice File OS Processor Check VirusTotal Malware unpack itself Windows utilities Windows				1.8	M	7	ZeroCERT

43	2021-10-14 18:03	SI-3023-9552783693PDF.jar 2922d30afb359edde8083596e20601dc NPKI Generic Malware Malicious Packer Malicious Library UPX MSOffice File OS Processor Check PE File PE32 DLL VirusTotal Malware AutoRuns Check memory buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder suspicious TLD WriteConsoleW Windows Java ComputerName DNS DDNS crashed	1 Keyword trend analysis	10	4	8.2	M	7	ZeroCERT

44	2021-10-18 17:52	EU-Business-Register (1).pdf ad93c19fcd03385c359be007ee7631f8 PDF VirusTotal Malware unpack itself Windows utilities Windows				1.8		1	guest

45	2021-10-26 17:40	13937710524.pdf 74307be28a2e9a0a21dab1fcc2ad2736 PDF Suspicious Link PDF VirusTotal Malware Windows utilities Windows	5 Keyword trend analysis Info http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/277_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/280_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/message.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/278_20_6_20042.zip http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/281_20_6_20042.zip			2.0		16	ZeroCERT